Frank, > I want to have user login-out of my webpage and restrict access to certain features. Im not using a relay server atm, but I could add that later. I am familiar with IIS, I know the basics and some about security but I know I have to learn more...
The most common standards-based way to do this is fairly straightforward, use cookies to issue a unique cookie to each user that passes the authentication test. Then, each request to access restricted content should check for a valid cookie. If not found, redirect to the Login page. There are ways other than cookies to accomplish the same thing, like passing a token as a parameter in the url or as a hidden field in a form, the advantage being they work even with cookies disabled. We try to stick with standards-based web programming, which means we avoid proprietary solutions like cold fusion, asp, java, and .net. However, if you are using asp, check the SessionID property of the Session object. This is the cookie approach I described above as implemented in asp pages. The difference is it will _only_ run on asp. The way we do this with our own cookies works fine with virtually any web server without modification. The biggest reason to stick with standards-based programming is that, as a developer, you want to create large libraries of code that can be recycled in one way or another. When done to optimal advantage, these libraries will take years to build and debug. If you stick with standards, your old code will continue to run well into the future. If you do not, years of your work could (and probably will) become obsolete because the company controlling the technology changes their mind about how to do certain things. Talk to a longtime VB programmer if you want to hear more about this. We started using Pascal for this reason many years ago because at that time it was the only ANSI standard programming language. Much of the code we wrote in standard Pascal still compiles fine in Delphi. Glenn Lawler ----------------------------------------------------- Home page: http://groups.yahoo.com/group/delphi-en/ To unsubscribe: [EMAIL PROTECTED] Yahoo! Groups Links <*> To visit your group on the web, go to: http://groups.yahoo.com/group/delphi-en/ <*> To unsubscribe from this group, send an email to: [EMAIL PROTECTED] <*> Your use of Yahoo! Groups is subject to: http://docs.yahoo.com/info/terms/
